Lessons Learned for the Network from the Verizon Data Breach Report

Last month, Verizon published its annual Data Breach Investigations Report (DBIR). Most in the industry agree that this is one of the best security reports available, and if you are involved in or have any interest in cybersecurity, then reading it is a must. The report covers nearly every type of security issue out there, and provides data from 50 global organizations representing 95 countries, which saw 1,367 confirmed data breaches and 63,437 security incidents in 2013. After reading the report once over, my first thought was, “Wow, this is not good, we are all in trouble…” I am sure this was a common response for most after reading nearly 60 pages of very comprehensive (read: overwhelming) data and findings on security threats such as web app attacks, cyber-espionage, DoS attacks, crimeware, insider threats, etc. No matter what type of organization you work within, if you are responsible for security, sleeping after reading the report may prove to be difficult. While the industries one would expect to see with the highest number of security incidents were at the top of the list (1. Finance, 2. Public Sector, 3. Retail), the report showed that every industry is vulnerable.

One of the most startling findings in the report was the comparison (or rather contrast) of the time to compromise vs. the time to discovery of attacks over the past ten years. Simply put, attackers are getting better and faster at a higher rate than the people trying to defend against the attacks, and it's not even close. When the breach occurs on the network, the gap between time to compromise and discovery widens. The research can be sliced and diced in a million different ways, but I found that one of the key takeaways is that precautions should and must be taken at all points of an IT infrastructure. While the network is not the most common place for an attack to occur, it must be considered. The report recommends secure network segmentation, which will help greatly and is the key to eliminating a widespread breach across the entire organization, or as the report puts it, “a straight shot from patient zero to full-fledged plague”.

The network, in particular, is a target for cyber-espionage. This is important, and unfortunate, because cyber-espionage has seen consistent and significant growth in incidents over the last several years, making it one of the fastest-growing security trends, the report indicates. The report defines cyber-espionage as incidents which include unauthorized network or system access linked to state-affiliated actors and/or exhibiting the motive of espionage. The number of cyber-espionage incidents from 2012 to 2013 tripled, and in 2013 nearly 60 percent of incidents had confirmed data loss. Besides growth, another concerning issue for cyber-espionage is that the cost of such attacks is difficult to quantify, yet by all accounts very significant. According to a 2013 report by McAfee, the global economic losses from cyber-espionage and crime were estimated between $80 billion and $400 billion per year.

It is clear from the report that data privacy cannot be taken for granted by anyone and organizations must proactively apply multiple layers of protection for their data and their customers’ data. On the network for data-in-flight, encryption is the gold standard. By encrypting certain sensitive segments of the network, organizations can rest easier about the vulnerability of their network to data breaches. However, encryption of the network has often been met with skepticism because of concerns about loss of performance and added complexity. A new model is required, one that provides seamless and high-performance encryption for end-to-end (site-to-site and hop-by-hop) data privacy. Brocade is delivering a data privacy solution that does just that and consists of multiple products optimized for the enterprise and public campus, enterprise and service provider data centers, and workloads deployed in cloud providers and remote offices. I invite you to learn more about this solution here.

The Verizon DBIR proves that no matter what type of network you have, whether it is public or private, measures must be taken to reduce risk. This point is important because as the report points out, while much of the research indicates what is wrong in cybersecurity, the purpose of the report is to help organizations make decisions on how best to battle these threats. It is a fascinating report, and I encourage you to read it.
